Compaq Web Admin Buffer Overflow Vulnerability

A vulnerability has been reported in the web-based administration component common to a number of Compaq software products.

The administration tool is vulnerable to buffer overflow attack techniques employing maliciously-formed user-supplied input. Properly exploited, this vulnerability can allow a remote attacker to execute arbitrary code on the affected system, with the privilege level of the system administrator.

The advisory did not provide further information about this vulnerability.

The following was excerpted from notification by <researchteam@esecurityonline.com>:

Affected Technologies:
------------------------------
Compaq Foundation Agents 4.0-4.90, 1.0-2.1
Digital Unix (Tru64) 4.0F and later
Insight Manager XE 1.0-2.1, LC 1.03c, 1.50A
Survey Utility 2.17-2.33
Intelligent Cluster Admin 1.0-2.1
System Healthcheck 3.0.0
Enterprise Volume Manager/Command Scripter 1.1 and 1.0
Insight Management Desktop Web Agents 3.70
Armada Insight Mgr 4.20-4.20J
Management Agents 4.30-4.35, 4.36-4.37E, 4.36E
Open SAN Manager 1.0
SANWorks Resource Monitor 1.0
Storage Allocation Reporter 1.0


 

Privacy Statement
Copyright 2010, SecurityFocus